mirror of
https://github.com/go-gitea/gitea
synced 2025-07-22 18:28:37 +00:00
rework heatmap permissions (#14080)
* now uses the same permission model as for the activity feed: only include activities in repos, that the doer has access to. this might be somewhat slower. * also improves handling of user.KeepActivityPrivate (still shows the heatmap to self & admins) * extend tests * adjust integration test to new behaviour * add access to actions for admins * extend heatmap unit tests
This commit is contained in:
@@ -16,10 +16,10 @@ type UserHeatmapData struct {
|
||||
}
|
||||
|
||||
// GetUserHeatmapDataByUser returns an array of UserHeatmapData
|
||||
func GetUserHeatmapDataByUser(user *User) ([]*UserHeatmapData, error) {
|
||||
func GetUserHeatmapDataByUser(user *User, doer *User) ([]*UserHeatmapData, error) {
|
||||
hdata := make([]*UserHeatmapData, 0)
|
||||
|
||||
if user.KeepActivityPrivate {
|
||||
if !activityReadable(user, doer) {
|
||||
return hdata, nil
|
||||
}
|
||||
|
||||
@@ -37,22 +37,26 @@ func GetUserHeatmapDataByUser(user *User) ([]*UserHeatmapData, error) {
|
||||
groupByName = groupBy
|
||||
}
|
||||
|
||||
sess := x.Select(groupBy+" AS timestamp, count(user_id) as contributions").
|
||||
Table("action").
|
||||
Where("user_id = ?", user.ID).
|
||||
And("created_unix > ?", (timeutil.TimeStampNow() - 31536000))
|
||||
|
||||
// * Heatmaps for individual users only include actions that the user themself
|
||||
// did.
|
||||
// * For organizations actions by all users that were made in owned
|
||||
// repositories are counted.
|
||||
if user.Type == UserTypeIndividual {
|
||||
sess = sess.And("act_user_id = ?", user.ID)
|
||||
cond, err := activityQueryCondition(GetFeedsOptions{
|
||||
RequestedUser: user,
|
||||
Actor: doer,
|
||||
IncludePrivate: true, // don't filter by private, as we already filter by repo access
|
||||
IncludeDeleted: true,
|
||||
// * Heatmaps for individual users only include actions that the user themself did.
|
||||
// * For organizations actions by all users that were made in owned
|
||||
// repositories are counted.
|
||||
OnlyPerformedBy: !user.IsOrganization(),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err := sess.GroupBy(groupByName).
|
||||
return hdata, x.
|
||||
Select(groupBy+" AS timestamp, count(user_id) as contributions").
|
||||
Table("action").
|
||||
Where(cond).
|
||||
And("created_unix > ?", (timeutil.TimeStampNow() - 31536000)).
|
||||
GroupBy(groupByName).
|
||||
OrderBy("timestamp").
|
||||
Find(&hdata)
|
||||
|
||||
return hdata, err
|
||||
}
|
||||
|
Reference in New Issue
Block a user